Skip to main content

AWS Notes

AWS SAP

This section is around notes for AWS Solutions Architect Professional and Networking exams, which is just a ton of jargon and components tied together

Most of AWS is tough to understand because everything has some marketed name like "Route53" instead of just "DNS Service", and figuring out how those components tie together now requires a 2-3 week in-depth course

  • Well architected framework
    • 5 principles of operational excellence, security, reliability, performance efficiency, cost optimization
    • Operational Excellence
      • Perform operations as code
      • Annotate documentation
      • Make frequent, small, reversible changes
      • Refine operations procedures frequently
      • Anticipate failure
      • Learn from all operational failures
    • Security
      • Implement a strong identity foundation
      • Enable traceability
      • Apply security at all layers
      • Automate security best practices
      • Protect data in transit and at rest
      • Keep people away from data
      • Prepare for security events
    • Reliability
      • Test recovery procedures
      • Automatically recover from failure
      • Scale horizontally to increase aggregate system availability
      • Stop guessing capacity
      • Manage change in automation
    • Performance Efficiency
      • Democratize advanced technologies
      • Go global in minutes
      • Use serverless architectures
      • Experiment more often
      • Consider mechanical sympathy
    • Cost Optimization
      • Adopt a consumption model
      • Measure overall efficiency
      • Stop spending money on data center operations
      • Analyze and attribute expenditure
      • Use managed and application-level services to reduce cost of ownership

General Knowledge

There are:

  • 200+ services
  • 25+ global regions
  • 80+ availability zones
  • 230+ edge locations (for CloudFront)

In any account you can have:

  • 100 VPCs
    • Default of 5 per region, can be increased to 100
  • 5,000 subnets
  • 1,000 route tables
  • 10,000 network ACLs
  • 5,000 internet gateways
  • 5,000 NAT gateways
  • 5,000 VPC endpoints
  • 5,000 VPN connections
  • 5,000 customer gateways
  • 5,000 Direct Connect connections
  • 5,000 security groups
  • 5,000 elastic IPs
  • 3,000 IAM roles
  • 2,500 S3 buckets
  • 20,000 Lambda functions
  • 100,000 DynamoDB tables
  • 100,000 CloudWatch alarms
  • 100,000 SNS topics
  • 100,000 SQS queues
  • 100,000 API Gateway APIs
  • 100,000 CloudFormation stacks
  • 1,000 RDS DB instances
  • 40,000 EC2 instances
  • 5,000 ELBs
  • 5,000 EFS file systems
  • 5,000 CloudFront distributions

AWS is compliant in:

  • HIPAA: Health Insurance Portability and Accountability Act
  • GDPR: General Data Protection Regulation
  • SOC 1, 2, 3: System and Organization Controls
  • PCI DSS: Payment Card Industry Data Security Standard
  • FedRAMP: Federal Risk and Authorization Management Program
  • ISO 27001: International Organization for Standardization
  • FISMA: Federal Information Security Management Act
  • CCPA: California Consumer Privacy Act
  • NIST: National Institute of Standards and Technology
  • ITAR: International Traffic in Arms Regulations
  • CJIS: Criminal Justice Information Services
  • MPAA: Motion Picture Association of America
  • FERPA: Family Educational Rights and Privacy Act
  • GLBA: Gramm-Leach-Bliley Act
  • SOX: Sarbanes-Oxley Act